Content Disarm & Reconstruction

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Content Disarm & Reconstruction (CDR) is a computer security technology for removing malicious code from files. Unlike malware analysis, CDR technology does not determine or detect malware's functionality but removes all file components that are not approved within the system's definitions and policies.[1]

It is used to prevent cyber security threats from entering a corporate network perimeter. Channels that CDR can be used to protect include email and website traffic. Advanced solutions can also provide similar protection on computer endpoints, or cloud email and file sharing services.

Applications[edit]

CDR works by processing all incoming files of an enterprise network, deconstructing them, and removing the elements that do not match the file type's standards or set policies.[2] CDR technology then rebuilds the files into clean versions that can be sent on to end users as intended.

Because CDR removes all potentially malicious code, it can be effective against zero-day vulnerabilities that rely on being an unknown threat that other security technologies would need to patch against to maintain protection.

CDR can be used to prevent cyber threats from variety of sources:

  • Email
  • Data Diodes
  • Web Browsers
  • Endpoints
  • File Servers
  • FTP
  • Cloud email or webmail programs
  • SMB/CIFS
  • Removable media scanning (CDR Kiosk)

Commercial availability[edit]

CDR or similar file sanitization technology is commercially available from a number of companies:

  • Sasa Software (Gate Scanner), an Israeli startup company established in 2013 headquartered in Israel with offices in the US and Singapore.[3][4]
  • YazamTech, The most mature CDR Technology, Israeli based, established in 2008
  • OPSWAT, a global cyber-security company founded in 2002 with offices in North America, Europe, and Asia.[5]
  • Fortinet, founded in 2000 and headquartered in Sunnyvale, California, with offices around the globe. From the start, the Fortinet vision has been to deliver broad, truly integrated, high-performance security across the IT infrastructure.
  • ReSec Technologies, Established in 2012 by military cyber defense experts, ReSec created CDR technology to overcome the limitations of conventional anti-malware detection. ReSec products are used by dozens of leading brands across sectors including banking and finance, manufacturing, telecom, healthcare and the public sector.[6]
  • Check Point, an global company established in 1993.[7]
  • Glasswall Solutions, a UK based Cyber Security technology organisation established in 2006, supplier to US & UK Governments & Enterprises .[8]
  • JIRANSECURITY, a highly-specialized Security SW company established in 2014.[9]
  • ODI, (ODIX CDR) an Israeli startup established in 2009. The innovation of ODI is its patented CDR algorithms - file sansitization without any format conversion while keeping original file format and functionality..[10]
  • SOFTCAMP, a South Korean information security company established in 1999 headquartered in South Korea with offices in Japan.
  • Votiro, an Israeli startup company established in 2010.[11]

See also[edit]

References[edit]

Glasswall Solutions Whitepaper discusses how organisations can protect themselves from such email attachment threats by integrating highly-detailed, unique analytics and file-regeneration technology. [12]